Monday, February 11, 2013

Personal Reflections on Suits and Spooks DC 2013

Now that I've had a chance to decompress from and reflect upon the terrific Suits and Spooks DC conference last weekend, I want to share some surprising shifts in thinking that occurred for me during those two days.

The speakers were all terrific, but some topics triggered a lot of passionate debate amongst the speakers and the attendees. You can get a sense of what transpired by reading the live Twitter stream from the event. How those passions were channeled and the manner in which some speakers conducted themselves in the heat of the moment really impressed me. Keep in mind that the speaker to attendee ratio was 1:4. That's unheard of at most conferences. In fact, I don't know of another event where it's that low, which is too bad because I believe that it makes for a much more valuable experience for both the attendees and the speakers.

Some of the areas in which my thinking has shifted include:

International Cooperation. The international speakers that I invited to attend did a phenomenal job. I particularly want to commend Marco Obiso of the ITU. He was on the receiving end of a lot of heated debate and pointed comments and parried them all without losing his temper (I can't say the same about some of his opponents). Marco did an excellent job of explaining the ITU's sometimes controversial platform while always responding to his critics in a balanced and informed way. The lesson for me was in watching how he wants engagement while his critics don't. Obiso and the ITU came out ahead because of that. In an adversarial debate, the side which has a deep expertise and is confident in their ability to engage can do so in a balanced way. Some of the ITU opponents weren't able to do that and they lost the debate as far as I was concerned.

Kaspersky. I take a lot of shots at Eugene Kaspersky, but his employee Roel Schouwenberg did a terrific job in explaining Red October. He provided some new information - that Kaspersky's client who brought ROCRA to their attention was from the European Union. Despite Kaspersky's contractual and non-contractual relationships with the Russian government, they are the world's fourth largest security software vendor and they arguably do the best work in writing reports that describe important malware attacks. Roel will always be a welcome speaker at future Suits and Spooks events.

Hack-Back and Active Defense. Some of the speakers who favored hack-back were successful in describing scenarios that made sense and seemed possible to implement without causing unfortunate blow-back. Other speakers took "hack-back" off the table when describing other active defense practices, particularly deceptive techniques. My take-away was that active defense including hack-back could probably be implemented responsibly by a few private parties but certainly would be taken advantage of by less responsible ones, so I think that law enforcement oversight is a requirement. Also, the CFAA definitely needs to be modified from its outdated current language.

Opinions Derived From Online Interactions. One of the most refreshing things that happened to me was how much I enjoyed interacting with people whom I had previously only known online. We all form opinions about people based upon limited interactions. In today's networked world of social media, many of those opinions are formed without the benefit of personal interactions. And sometimes those opinions conflate individuals with the companies that they were formerly employed by. Last week's Suits and Spooks was a joy for me to participate in because I was newly impressed by some people whom I had previously only known from the news or social media. Those newly positive impressions came about precisely because of the extended interaction (two days), low attendee:speaker ratio, and heated discussions. Just meeting someone in "real life" often isn't enough to change perceptions. Extended interaction in combination with engagements or arguments over heated issues makes all the difference.

Feedback. In closing, I'm happy to share some of the feedback that I received from speakers and attendees of Suits and Spooks DC 2013:

"One of those rare conferences where even the speakers learn something new." - Stewart A. Baker, former General Counsel, National Security Agency; former Ass't Secretary for Policy, Department of Homeland Security

"Suits and Spooks provided a unique forum for discussing the hard, unanswered questions with leading technical and policy experts." - Jim Denaro, founder of CipherLaw

"SNS provided a spotlight into the evolving edge of cyber." - Greg Hoglund, former founder, CEO of HBGary, Inc.

"Suits & Spooks brought together that right mix of backgrounds that allowed for informed discussion on the challenges of employing offensive techniques in support of defensive measures. The networking alone made this conference worth being there." - Jim Butterworth, Commercial Chief Security Officer, HBGary, Inc.

If you attended SNS DC 2013 and want to send me a quote to use, please do so via Twitter or email. If you didn't attend, but you want to be informed about upcoming events, you can follow Suits and Spooks on Twitter. Our next event will be announced shortly.